Enumerating Badness: The latest way Facebook conspires to destroy you

September 30, 2011

Facebook recently rolled out an updated version of their interface and while much of the focus has been on how useful or pointless the new interface is and how it may or may not have been influenced by one of their competitors, what ended up getting buried was yet another Facebook feature that can potentially violate your privacy.

Freaky. Image by Wikimedia Commons user Maxo.

More exposition after the break. "Enumerating badness" is a term borrowed from the information security world used to describe an approach to security that ended up not working. The most well-known example of this is anti-virus software, which used a static list of signatures to detect viruses. Each new virus that came out needed a new signature. This worked for a number of years until virus writers began writing new viruses faster than security engineers could find them and write the signatures. So we had to take a different approach. The challenge for ITS is that on the one hand, we want to tell you about all of these things potentially ruinous aspects of the technology you know, love and trust. But the flip side of that coin is that we could tell you a new piece of important information every day and never run out of things to tell you, not to mention the fact that there's only so many emails or blog posts that a single human being can read in a day and we're not the only ones with important news to spread. So we tend to enumerate badness - we cherry pick the most egregious offenses made by the biggest companies and we focus on those. That can do as much harm as good. If we focus too much on Facebook, you might think the grass is greener elsewhere and that not using Facebook = I don't have to worry about privacy anymore. It's an easier approach, not just in practical terms but also in philosophical terms. IT is about solving problems and sometimes the quickest way to communicate a solution is to tell you to "change feature X to setting Y in product Z". It doesn't address the underlying problems, though. So for now, check those privacy settings. But if you're serious about protecting your privacy, get ready to for a lot of reading.